wood burning stoves*
The moose likes JDBC and the fly likes SQL statement not executing. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC
Bookmark "SQL statement not executing." Watch "SQL statement not executing." New topic
Author

SQL statement not executing.

Ravi Harishchandra
Greenhorn

Joined: Oct 29, 2012
Posts: 17
Hii...the mentioned SQL statement is just not executing, The code is as below:
The error I'm getting is : java.sql.SQLException: Invalid SQL type: sqlKind = UNINITIALIZED
CODE::
Statement st1 = con.createStatement();
st1.executeUpdate("insert into customer values('"+ id1 +"','"+ name +"','"+ addr +"','"+ cont +"','"+ email+"','" + city +"','" + state + "','" + from +"','" + to + "','"+ room +"','" + adv +"','" + room_no +"','"+ differenceInDays +"')"); // the first statement works absolutely fine, inserting all the values in database.
st1.executeUpdate("update" + room + "set FLAG=1 where RNO = " + room_no +"");// this statement here is not executing, values room and room_no are inserted in database in the above SQL query
con.close();
res.close();

Rob Spoor
Sheriff

Joined: Oct 27, 2005
Posts: 19723
    
  20

Don't you mean update customer set FLAG=1 where RNO = " + room_no? Because room is a value, not the name of a table.

You should also definitely start using PreparedStatement. Right now that code is highly susceptible to SQL injection.


SCJP 1.4 - SCJP 6 - SCWCD 5 - OCEEJBD 6
How To Ask Questions How To Answer Questions
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18675
    
    8

It's also susceptible to failing if you get the tiniest thing wrong in that horrible mess of single and double quotes. And it's easy to get that wrong. PreparedStatement makes parametrized queries infinitely easier, you should definitely be using it.
aadhira sharma
Greenhorn

Joined: Dec 13, 2012
Posts: 4
Thanks for this link.
chris webster
Bartender

Joined: Mar 01, 2009
Posts: 1777
    
  16

  • Try printing your SQL statements out so you can see what your DB is trying to execute. I think your SQL UPDATE needs a space after the "update", for example.
  • But as the others have said, using concatenated SQL strings like this is the wrong approach anyway.
  • Write and test your SQL separately (outside Java) using your database's SQL shell, so you can be sure you've got your SQL right before you start messing around in Java.
  • Then use a PreparedStatement with bind variables in Java for your SQL because it's easier to write/read/maintain, more secure (helps prevent SQL injection) and more efficient (allows your database to re-use the parsed SQL).


  • No more Blub for me, thank you, Vicar.
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: SQL statement not executing.